diff --git a/.chloggen/common-fields-v2.yaml b/.chloggen/common-fields-v2.yaml new file mode 100755 index 0000000000..a7f8978698 --- /dev/null +++ b/.chloggen/common-fields-v2.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. operator, target allocator, github action) +component: operator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Introduce common fields to the v1alpha2 types that can be reused for any CRDs. + +# One or more tracking issues related to the change +issues: [901] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/apis/v1alpha2/common.go b/apis/v1alpha2/common.go new file mode 100644 index 0000000000..ec904d6ff8 --- /dev/null +++ b/apis/v1alpha2/common.go @@ -0,0 +1,223 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +import ( + autoscalingv2 "k8s.io/api/autoscaling/v2" + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +// ManagementStateType defines the type for CR management states. +// +// +kubebuilder:validation:Enum=managed;unmanaged +type ManagementStateType string + +const ( + // ManagementStateManaged when the OpenTelemetryCollector custom resource should be + // reconciled by the operator. + ManagementStateManaged ManagementStateType = "managed" + + // ManagementStateUnmanaged when the OpenTelemetryCollector custom resource should not be + // reconciled by the operator. + ManagementStateUnmanaged ManagementStateType = "unmanaged" +) + +// MetricSpec defines a subset of metrics to be defined for the HPA's metric array +// more metric type can be supported as needed. +// See https://pkg.go.dev/k8s.io/api/autoscaling/v2#MetricSpec for reference. +type MetricSpec struct { + Type autoscalingv2.MetricSourceType `json:"type"` + Pods *autoscalingv2.PodsMetricSource `json:"pods,omitempty"` +} + +// AutoscalerSpec defines the OpenTelemetryCollector's pod autoscaling specification. +type AutoscalerSpec struct { + // MinReplicas sets a lower bound to the autoscaling feature. Set this if your are using autoscaling. It must be at least 1 + // +optional + MinReplicas *int32 `json:"minReplicas,omitempty"` + // MaxReplicas sets an upper bound to the autoscaling feature. If MaxReplicas is set autoscaling is enabled. + // +optional + MaxReplicas *int32 `json:"maxReplicas,omitempty"` + // +optional + Behavior *autoscalingv2.HorizontalPodAutoscalerBehavior `json:"behavior,omitempty"` + // Metrics is meant to provide a customizable way to configure HPA metrics. + // currently the only supported custom metrics is type=Pod. + // Use TargetCPUUtilization or TargetMemoryUtilization instead if scaling on these common resource metrics. + // +optional + Metrics []MetricSpec `json:"metrics,omitempty"` + // TargetCPUUtilization sets the target average CPU used across all replicas. + // If average CPU exceeds this value, the HPA will scale up. Defaults to 90 percent. + // +optional + TargetCPUUtilization *int32 `json:"targetCPUUtilization,omitempty"` + // +optional + // TargetMemoryUtilization sets the target average memory utilization across all replicas + TargetMemoryUtilization *int32 `json:"targetMemoryUtilization,omitempty"` +} + +// PodDisruptionBudgetSpec defines the OpenTelemetryCollector's pod disruption budget specification. +type PodDisruptionBudgetSpec struct { + // An eviction is allowed if at least "minAvailable" pods selected by + // "selector" will still be available after the eviction, i.e. even in the + // absence of the evicted pod. So for example you can prevent all voluntary + // evictions by specifying "100%". + // +optional + MinAvailable *intstr.IntOrString `json:"minAvailable,omitempty"` + + // An eviction is allowed if at most "maxUnavailable" pods selected by + // "selector" are unavailable after the eviction, i.e. even in absence of + // the evicted pod. For example, one can prevent all voluntary evictions + // by specifying 0. This is a mutually exclusive setting with "minAvailable". + // +optional + MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty"` +} + +type OpenTelemetryCommonFields struct { + // ManagementState defines if the CR should be managed by the operator or not. + // Default is managed. + // + // +required + // +kubebuilder:validation:Required + // +kubebuilder:default:=managed + ManagementState ManagementStateType `json:"managementState,omitempty"` + // Resources to set on generated pods. + // +optional + Resources v1.ResourceRequirements `json:"resources,omitempty"` + // NodeSelector to schedule generated pods. + // This only works with the following OpenTelemetryCollector mode's: daemonset, statefulset, and deployment. + // +optional + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // Args is the set of arguments to pass to the main container's binary. + // +optional + Args map[string]string `json:"args,omitempty"` + // Replicas is the number of pod instances for the underlying replicaset. Set this if you are not using autoscaling. + // +optional + Replicas *int32 `json:"replicas,omitempty"` + // Autoscaler specifies the pod autoscaling configuration to use + // for the workload. + // +optional + Autoscaler *AutoscalerSpec `json:"autoscaler,omitempty"` + // PodDisruptionBudget specifies the pod disruption budget configuration to use + // for the generated workload. + // +optional + PodDisruptionBudget *PodDisruptionBudgetSpec `json:"podDisruptionBudget,omitempty"` + // SecurityContext configures the container security context for + // the generated main container. + // + // In deployment, daemonset, or statefulset mode, this controls + // the security context settings for the primary application + // container. + // + // In sidecar mode, this controls the security context for the + // injected sidecar container. + // + // +optional + SecurityContext *v1.SecurityContext `json:"securityContext,omitempty"` + // PodSecurityContext configures the pod security context for the + // generated pod, when running as a deployment, daemonset, + // or statefulset. + // + // In sidecar mode, the opentelemetry-operator will ignore this setting. + // + // +optional + PodSecurityContext *v1.PodSecurityContext `json:"podSecurityContext,omitempty"` + // PodAnnotations is the set of annotations that will be attached to + // the generated pods. + // +optional + PodAnnotations map[string]string `json:"podAnnotations,omitempty"` + // ServiceAccount indicates the name of an existing service account to use with this instance. When set, + // the operator will not automatically create a ServiceAccount. + // +optional + ServiceAccount string `json:"serviceAccount,omitempty"` + // Image indicates the container image to use for the generated pods. + // +optional + Image string `json:"image,omitempty"` + // ImagePullPolicy indicates the pull policy to be used for retrieving the container image. + // +optional + ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` + // VolumeMounts represents the mount points to use in the underlying deployment(s). + // +optional + // +listType=atomic + VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` + // Ports allows a set of ports to be exposed by the underlying v1.Service. By default, the operator + // will attempt to infer the required ports by parsing the .Spec.Config property but this property can be + // used to open additional ports that can't be inferred by the operator, like for custom receivers. + // +optional + // +listType=atomic + Ports []v1.ServicePort `json:"ports,omitempty"` + // Environment variables to set on the generated pods. + // +optional + Env []v1.EnvVar `json:"env,omitempty"` + // List of sources to populate environment variables on the generated pods. + // +optional + EnvFrom []v1.EnvFromSource `json:"envFrom,omitempty"` + // VolumeClaimTemplates will provide stable storage using PersistentVolumes. + // This only works with the following OpenTelemetryCollector mode's: statefulset. + // +optional + // +listType=atomic + VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty"` + // Toleration to schedule the generated pods. + // This only works with the following OpenTelemetryCollector mode's: daemonset, statefulset, and deployment. + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // Volumes represents which volumes to use in the underlying deployment(s). + // +optional + // +listType=atomic + Volumes []v1.Volume `json:"volumes,omitempty"` + // If specified, indicates the pod's scheduling constraints + // +optional + Affinity *v1.Affinity `json:"affinity,omitempty"` + // Actions that the management system should take in response to container lifecycle events. Cannot be updated. + // +optional + Lifecycle *v1.Lifecycle `json:"lifecycle,omitempty"` + // Duration in seconds the pod needs to terminate gracefully upon probe failure. + // +optional + TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` + // TopologySpreadConstraints embedded kubernetes pod configuration option, + // controls how pods are spread across your cluster among failure-domains + // such as regions, zones, nodes, and other user-defined topology domains + // https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + // This only works with the following OpenTelemetryCollector mode's: statefulset, and deployment. + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // HostNetwork indicates if the pod should run in the host networking namespace. + // +optional + HostNetwork bool `json:"hostNetwork,omitempty"` + // If specified, indicates the pod's priority. + // If not specified, the pod priority will be default or zero if there is no + // default. + // +optional + PriorityClassName string `json:"priorityClassName,omitempty"` + // InitContainers allows injecting initContainers to the generated pod definition. + // These init containers can be used to fetch secrets for injection into the + // configuration from external sources, run added checks, etc. Any errors during the execution of + // an initContainer will lead to a restart of the Pod. More info: + // https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + // +optional + InitContainers []v1.Container `json:"initContainers,omitempty"` + // AdditionalContainers allows injecting additional containers into the generated pod definition. + // These sidecar containers can be used for authentication proxies, log shipping sidecars, agents for shipping + // metrics to their cloud, or in general sidecars that do not support automatic injection. + // This only works with the following OpenTelemetryCollector mode's: daemonset, statefulset, and deployment. + // + // Container names managed by the operator: + // * `otc-container` + // + // Overriding containers managed by the operator is outside the scope of what the maintainers will support and by + // doing so, you wil accept the risk of it breaking things. + // + // +optional + AdditionalContainers []v1.Container `json:"additionalContainers,omitempty"` +} diff --git a/apis/v1alpha2/ingress_type.go b/apis/v1alpha2/ingress_type.go new file mode 100644 index 0000000000..8808d09339 --- /dev/null +++ b/apis/v1alpha2/ingress_type.go @@ -0,0 +1,63 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +type ( + // IngressType represents how a collector should be exposed (ingress vs route). + // +kubebuilder:validation:Enum=ingress;route + IngressType string +) + +const ( + // IngressTypeNginx specifies that an ingress entry should be created. + IngressTypeNginx IngressType = "ingress" + // IngressTypeOpenshiftRoute specifies that an route entry should be created. + IngressTypeRoute IngressType = "route" +) + +type ( + // TLSRouteTerminationType is used to indicate which tls settings should be used. + // +kubebuilder:validation:Enum=insecure;edge;passthrough;reencrypt + TLSRouteTerminationType string +) + +const ( + // TLSRouteTerminationTypeInsecure indicates that insecure connections are allowed. + TLSRouteTerminationTypeInsecure TLSRouteTerminationType = "insecure" + // TLSRouteTerminationTypeEdge indicates that encryption should be terminated + // at the edge router. + TLSRouteTerminationTypeEdge TLSRouteTerminationType = "edge" + // TLSTerminationPassthrough indicates that the destination service is + // responsible for decrypting traffic. + TLSRouteTerminationTypePassthrough TLSRouteTerminationType = "passthrough" + // TLSTerminationReencrypt indicates that traffic will be decrypted on the edge + // and re-encrypt using a new certificate. + TLSRouteTerminationTypeReencrypt TLSRouteTerminationType = "reencrypt" +) + +// IngressRuleType defines how the collector receivers will be exposed in the Ingress. +// +// +kubebuilder:validation:Enum=path;subdomain +type IngressRuleType string + +const ( + // IngressRuleTypePath configures Ingress to use single host with multiple paths. + // This configuration might require additional ingress setting to rewrite paths. + IngressRuleTypePath IngressRuleType = "path" + + // IngressRuleTypeSubdomain configures Ingress to use multiple hosts - one for each exposed + // receiver port. The port name is used as a subdomain for the host defined in the Ingress e.g. otlp-http.example.com. + IngressRuleTypeSubdomain IngressRuleType = "subdomain" +) diff --git a/apis/v1alpha2/mode.go b/apis/v1alpha2/mode.go new file mode 100644 index 0000000000..8cd8a46cf8 --- /dev/null +++ b/apis/v1alpha2/mode.go @@ -0,0 +1,35 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +type ( + // Mode represents how the collector should be deployed (deployment vs. daemonset) + // +kubebuilder:validation:Enum=daemonset;deployment;sidecar;statefulset + Mode string +) + +const ( + // ModeDaemonSet specifies that the collector should be deployed as a Kubernetes DaemonSet. + ModeDaemonSet Mode = "daemonset" + + // ModeDeployment specifies that the collector should be deployed as a Kubernetes Deployment. + ModeDeployment Mode = "deployment" + + // ModeSidecar specifies that the collector should be deployed as a sidecar to pods. + ModeSidecar Mode = "sidecar" + + // ModeStatefulSet specifies that the collector should be deployed as a Kubernetes StatefulSet. + ModeStatefulSet Mode = "statefulset" +) diff --git a/apis/v1alpha2/opentelemetrycollector_types.go b/apis/v1alpha2/opentelemetrycollector_types.go index 174044a43a..cffe79da76 100644 --- a/apis/v1alpha2/opentelemetrycollector_types.go +++ b/apis/v1alpha2/opentelemetrycollector_types.go @@ -17,173 +17,129 @@ package v1alpha2 import ( - v1 "k8s.io/api/core/v1" + networkingv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" ) -// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. -type OpenTelemetryCollectorSpec struct { - // ManagementState defines if the CR should be managed by the operator or not. - // Default is managed. - // - // +required - // +kubebuilder:validation:Required - // +kubebuilder:default:=managed - ManagementState v1alpha1.ManagementStateType `json:"managementState,omitempty"` - // Resources to set on the OpenTelemetry Collector pods. +// Probe defines the OpenTelemetry's pod probe config. Only Liveness probe is supported currently. +type Probe struct { + // Number of seconds after the container has started before liveness probes are initiated. + // Defaults to 0 seconds. Minimum value is 0. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // +optional + InitialDelaySeconds *int32 `json:"initialDelaySeconds,omitempty"` + // Number of seconds after which the probe times out. + // Defaults to 1 second. Minimum value is 1. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // +optional + TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"` + // How often (in seconds) to perform the probe. + // Default to 10 seconds. Minimum value is 1. + // +optional + PeriodSeconds *int32 `json:"periodSeconds,omitempty"` + // Minimum consecutive successes for the probe to be considered successful after having failed. + // Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + // +optional + SuccessThreshold *int32 `json:"successThreshold,omitempty"` + // Minimum consecutive failures for the probe to be considered failed after having succeeded. + // Defaults to 3. Minimum value is 1. + // +optional + FailureThreshold *int32 `json:"failureThreshold,omitempty"` + // Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + // The grace period is the duration in seconds after the processes running in the pod are sent + // a termination signal and the time when the processes are forcibly halted with a kill signal. + // Set this value longer than the expected cleanup time for your process. + // If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + // value overrides the value provided by the pod spec. + // Value must be non-negative integer. The value zero indicates stop immediately via + // the kill signal (no opportunity to shut down). + // This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + // Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. // +optional - Resources v1.ResourceRequirements `json:"resources,omitempty"` - // NodeSelector to schedule OpenTelemetry Collector pods. - // This is only relevant to daemonset, statefulset, and deployment mode - // +optional - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // Args is the set of arguments to pass to the OpenTelemetry Collector binary - // +optional - Args map[string]string `json:"args,omitempty"` - // Replicas is the number of pod instances for the underlying OpenTelemetry Collector. Set this if your are not using autoscaling - // +optional - Replicas *int32 `json:"replicas,omitempty"` - // Autoscaler specifies the pod autoscaling configuration to use - // for the OpenTelemetryCollector workload. - // + TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` +} + +// Ingress is used to specify how OpenTelemetry Collector is exposed. This +// functionality is only available if one of the valid modes is set. +// Valid modes are: deployment, daemonset and statefulset. +// NOTE: If this feature is activated, all specified receivers are exposed. +// Currently, this has a few limitations. Depending on the ingress controller +// there are problems with TLS and gRPC. +// SEE: https://github.com/open-telemetry/opentelemetry-operator/issues/1306. +// NOTE: As a workaround, port name and appProtocol could be specified directly +// in the CR. +// SEE: OpenTelemetryCollector.spec.ports[index]. +type Ingress struct { + // Type default value is: "" + // Supported types are: ingress, route + Type IngressType `json:"type,omitempty"` + + // RuleType defines how Ingress exposes collector receivers. + // IngressRuleTypePath ("path") exposes each receiver port on a unique path on single domain defined in Hostname. + // IngressRuleTypeSubdomain ("subdomain") exposes each receiver port on a unique subdomain of Hostname. + // Default is IngressRuleTypePath ("path"). + RuleType IngressRuleType `json:"ruleType,omitempty"` + + // Hostname by which the ingress proxy can be reached. // +optional - Autoscaler *v1alpha1.AutoscalerSpec `json:"autoscaler,omitempty"` - // PodDisruptionBudget specifies the pod disruption budget configuration to use - // for the OpenTelemetryCollector workload. - // + Hostname string `json:"hostname,omitempty"` + + // Annotations to add to ingress. + // e.g. 'cert-manager.io/cluster-issuer: "letsencrypt"' // +optional - PodDisruptionBudget *v1alpha1.PodDisruptionBudgetSpec `json:"podDisruptionBudget,omitempty"` - // SecurityContext configures the container security context for - // the opentelemetry-collector container. - // - // In deployment, daemonset, or statefulset mode, this controls - // the security context settings for the primary application - // container. - // - // In sidecar mode, this controls the security context for the - // injected sidecar container. - // + Annotations map[string]string `json:"annotations,omitempty"` + + // TLS configuration. // +optional - SecurityContext *v1.SecurityContext `json:"securityContext,omitempty"` - // PodSecurityContext configures the pod security context for the - // opentelemetry-collector pod, when running as a deployment, daemonset, - // or statefulset. - // - // In sidecar mode, the opentelemetry-operator will ignore this setting. - // + TLS []networkingv1.IngressTLS `json:"tls,omitempty"` + + // IngressClassName is the name of an IngressClass cluster resource. Ingress + // controller implementations use this field to know whether they should be + // serving this Ingress resource. // +optional - PodSecurityContext *v1.PodSecurityContext `json:"podSecurityContext,omitempty"` - // PodAnnotations is the set of annotations that will be attached to - // Collector and Target Allocator pods. + IngressClassName *string `json:"ingressClassName,omitempty"` + + // Route is an OpenShift specific section that is only considered when + // type "route" is used. // +optional - PodAnnotations map[string]string `json:"podAnnotations,omitempty"` + Route OpenShiftRoute `json:"route,omitempty"` +} + +// OpenShiftRoute defines openshift route specific settings. +type OpenShiftRoute struct { + // Termination indicates termination type. By default "edge" is used. + Termination TLSRouteTerminationType `json:"termination,omitempty"` +} + +// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. +type OpenTelemetryCollectorSpec struct { + // Common defines fields that are common to all OpenTelemetry CRD workloads. + Common OpenTelemetryCommonFields `json:",inline"` // TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. // +optional TargetAllocator v1alpha1.OpenTelemetryTargetAllocator `json:"targetAllocator,omitempty"` // Mode represents how the collector should be deployed (deployment, daemonset, statefulset or sidecar) // +optional - Mode v1alpha1.Mode `json:"mode,omitempty"` - // ServiceAccount indicates the name of an existing service account to use with this instance. When set, - // the operator will not automatically create a ServiceAccount for the collector. - // +optional - ServiceAccount string `json:"serviceAccount,omitempty"` - // Image indicates the container image to use for the OpenTelemetry Collector. - // +optional - Image string `json:"image,omitempty"` + Mode Mode `json:"mode,omitempty"` // UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed // +optional - UpgradeStrategy v1alpha1.UpgradeStrategy `json:"upgradeStrategy"` - - // ImagePullPolicy indicates the pull policy to be used for retrieving the container image (Always, Never, IfNotPresent) - // +optional - ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` + UpgradeStrategy UpgradeStrategy `json:"upgradeStrategy"` // Config is the raw JSON to be used as the collector's configuration. Refer to the OpenTelemetry Collector documentation for details. // The empty objects e.g. batch: should be written as batch: {} otherwise they won't work with kustomize or kubectl edit. // +required // +kubebuilder:pruning:PreserveUnknownFields Config Config `json:"config"` - - // VolumeMounts represents the mount points to use in the underlying collector deployment(s) - // +optional - // +listType=atomic - VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // Ports allows a set of ports to be exposed by the underlying v1.Service. By default, the operator - // will attempt to infer the required ports by parsing the .Spec.Config property but this property can be - // used to open additional ports that can't be inferred by the operator, like for custom receivers. - // +optional - // +listType=atomic - Ports []v1.ServicePort `json:"ports,omitempty"` - // ENV vars to set on the OpenTelemetry Collector's Pods. These can then in certain cases be - // consumed in the config file for the Collector. - // +optional - Env []v1.EnvVar `json:"env,omitempty"` - // List of sources to populate environment variables on the OpenTelemetry Collector's Pods. - // These can then in certain cases be consumed in the config file for the Collector. - // +optional - EnvFrom []v1.EnvFromSource `json:"envFrom,omitempty"` - // VolumeClaimTemplates will provide stable storage using PersistentVolumes. Only available when the mode=statefulset. - // +optional - // +listType=atomic - VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty"` - // Toleration to schedule OpenTelemetry Collector pods. - // This is only relevant to daemonset, statefulset, and deployment mode - // +optional - Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // Volumes represents which volumes to use in the underlying collector deployment(s). - // +optional - // +listType=atomic - Volumes []v1.Volume `json:"volumes,omitempty"` // Ingress is used to specify how OpenTelemetry Collector is exposed. This // functionality is only available if one of the valid modes is set. // Valid modes are: deployment, daemonset and statefulset. // +optional - Ingress v1alpha1.Ingress `json:"ingress,omitempty"` - // HostNetwork indicates if the pod should run in the host networking namespace. - // +optional - HostNetwork bool `json:"hostNetwork,omitempty"` - // If specified, indicates the pod's priority. - // If not specified, the pod priority will be default or zero if there is no - // default. - // +optional - PriorityClassName string `json:"priorityClassName,omitempty"` - // If specified, indicates the pod's scheduling constraints - // +optional - Affinity *v1.Affinity `json:"affinity,omitempty"` - // Actions that the management system should take in response to container lifecycle events. Cannot be updated. - // +optional - Lifecycle *v1.Lifecycle `json:"lifecycle,omitempty"` - // Duration in seconds the pod needs to terminate gracefully upon probe failure. - // +optional - TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` + Ingress Ingress `json:"ingress,omitempty"` // Liveness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. // It is only effective when healthcheckextension is configured in the OpenTelemetry Collector pipeline. // +optional - LivenessProbe *v1alpha1.Probe `json:"livenessProbe,omitempty"` - // InitContainers allows injecting initContainers to the Collector's pod definition. - // These init containers can be used to fetch secrets for injection into the - // configuration from external sources, run added checks, etc. Any errors during the execution of - // an initContainer will lead to a restart of the Pod. More info: - // https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - // +optional - InitContainers []v1.Container `json:"initContainers,omitempty"` - - // AdditionalContainers allows injecting additional containers into the Collector's pod definition. - // These sidecar containers can be used for authentication proxies, log shipping sidecars, agents for shipping - // metrics to their cloud, or in general sidecars that do not support automatic injection. This option only - // applies to Deployment, DaemonSet, and StatefulSet deployment modes of the collector. It does not apply to the sidecar - // deployment mode. More info about sidecars: - // https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/ - // - // Container names managed by the operator: - // * `otc-container` - // - // Overriding containers managed by the operator is outside the scope of what the maintainers will support and by - // doing so, you wil accept the risk of it breaking things. - // - // +optional - AdditionalContainers []v1.Container `json:"additionalContainers,omitempty"` + LivenessProbe *Probe `json:"livenessProbe,omitempty"` // ObservabilitySpec defines how telemetry data gets handled. // @@ -192,14 +148,6 @@ type OpenTelemetryCollectorSpec struct { // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Observability" Observability v1alpha1.ObservabilitySpec `json:"observability,omitempty"` - // TopologySpreadConstraints embedded kubernetes pod configuration option, - // controls how pods are spread across your cluster among failure-domains - // such as regions, zones, nodes, and other user-defined topology domains - // https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - // This is only relevant to statefulset, and deployment mode - // +optional - TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // ConfigMaps is a list of ConfigMaps in the same namespace as the OpenTelemetryCollector // object, which shall be mounted into the Collector Pods. // Each ConfigMap will be added to the Collector's Deployments as a volume named `configmap-`. diff --git a/apis/v1alpha2/upgrade_strategy.go b/apis/v1alpha2/upgrade_strategy.go new file mode 100644 index 0000000000..5f26b4b3db --- /dev/null +++ b/apis/v1alpha2/upgrade_strategy.go @@ -0,0 +1,29 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +type ( + // UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed + // +kubebuilder:validation:Enum=automatic;none + UpgradeStrategy string +) + +const ( + // UpgradeStrategyAutomatic specifies that the operator will automatically apply upgrades to the CR. + UpgradeStrategyAutomatic UpgradeStrategy = "automatic" + + // UpgradeStrategyNone specifies that the operator will not apply any upgrades to the CR. + UpgradeStrategyNone UpgradeStrategy = "none" +) diff --git a/apis/v1alpha2/zz_generated.deepcopy.go b/apis/v1alpha2/zz_generated.deepcopy.go index 6b351f77fe..3904bd85a2 100644 --- a/apis/v1alpha2/zz_generated.deepcopy.go +++ b/apis/v1alpha2/zz_generated.deepcopy.go @@ -21,8 +21,11 @@ package v1alpha2 import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "k8s.io/api/autoscaling/v2" "k8s.io/api/core/v1" + networkingv1 "k8s.io/api/networking/v1" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -60,6 +63,53 @@ func (in *ApacheHttpd) DeepCopy() *ApacheHttpd { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AutoscalerSpec) DeepCopyInto(out *AutoscalerSpec) { + *out = *in + if in.MinReplicas != nil { + in, out := &in.MinReplicas, &out.MinReplicas + *out = new(int32) + **out = **in + } + if in.MaxReplicas != nil { + in, out := &in.MaxReplicas, &out.MaxReplicas + *out = new(int32) + **out = **in + } + if in.Behavior != nil { + in, out := &in.Behavior, &out.Behavior + *out = new(v2.HorizontalPodAutoscalerBehavior) + (*in).DeepCopyInto(*out) + } + if in.Metrics != nil { + in, out := &in.Metrics, &out.Metrics + *out = make([]MetricSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TargetCPUUtilization != nil { + in, out := &in.TargetCPUUtilization, &out.TargetCPUUtilization + *out = new(int32) + **out = **in + } + if in.TargetMemoryUtilization != nil { + in, out := &in.TargetMemoryUtilization, &out.TargetMemoryUtilization + *out = new(int32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutoscalerSpec. +func (in *AutoscalerSpec) DeepCopy() *AutoscalerSpec { + if in == nil { + return nil + } + out := new(AutoscalerSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Config) DeepCopyInto(out *Config) { *out = *in @@ -161,6 +211,41 @@ func (in *Go) DeepCopy() *Go { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = make([]networkingv1.IngressTLS, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IngressClassName != nil { + in, out := &in.IngressClassName, &out.IngressClassName + *out = new(string) + **out = **in + } + out.Route = in.Route +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Instrumentation) DeepCopyInto(out *Instrumentation) { *out = *in @@ -300,6 +385,26 @@ func (in *Java) DeepCopy() *Java { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MetricSpec) DeepCopyInto(out *MetricSpec) { + *out = *in + if in.Pods != nil { + in, out := &in.Pods, &out.Pods + *out = new(v2.PodsMetricSource) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricSpec. +func (in *MetricSpec) DeepCopy() *MetricSpec { + if in == nil { + return nil + } + out := new(MetricSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Nginx) DeepCopyInto(out *Nginx) { *out = *in @@ -363,6 +468,21 @@ func (in *NodeJS) DeepCopy() *NodeJS { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenShiftRoute) DeepCopyInto(out *OpenShiftRoute) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenShiftRoute. +func (in *OpenShiftRoute) DeepCopy() *OpenShiftRoute { + if in == nil { + return nil + } + out := new(OpenShiftRoute) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OpenTelemetryCollector) DeepCopyInto(out *OpenTelemetryCollector) { *out = *in @@ -424,6 +544,57 @@ func (in *OpenTelemetryCollectorList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSpec) { + *out = *in + in.Common.DeepCopyInto(&out.Common) + in.TargetAllocator.DeepCopyInto(&out.TargetAllocator) + in.Config.DeepCopyInto(&out.Config) + in.Ingress.DeepCopyInto(&out.Ingress) + if in.LivenessProbe != nil { + in, out := &in.LivenessProbe, &out.LivenessProbe + *out = new(Probe) + (*in).DeepCopyInto(*out) + } + out.Observability = in.Observability + if in.ConfigMaps != nil { + in, out := &in.ConfigMaps, &out.ConfigMaps + *out = make([]v1alpha1.ConfigMapsSpec, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryCollectorSpec. +func (in *OpenTelemetryCollectorSpec) DeepCopy() *OpenTelemetryCollectorSpec { + if in == nil { + return nil + } + out := new(OpenTelemetryCollectorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenTelemetryCollectorStatus) DeepCopyInto(out *OpenTelemetryCollectorStatus) { + *out = *in + out.Scale = in.Scale + if in.Messages != nil { + in, out := &in.Messages, &out.Messages + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryCollectorStatus. +func (in *OpenTelemetryCollectorStatus) DeepCopy() *OpenTelemetryCollectorStatus { + if in == nil { + return nil + } + out := new(OpenTelemetryCollectorStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenTelemetryCommonFields) DeepCopyInto(out *OpenTelemetryCommonFields) { *out = *in in.Resources.DeepCopyInto(&out.Resources) if in.NodeSelector != nil { @@ -447,12 +618,12 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp } if in.Autoscaler != nil { in, out := &in.Autoscaler, &out.Autoscaler - *out = new(v1alpha1.AutoscalerSpec) + *out = new(AutoscalerSpec) (*in).DeepCopyInto(*out) } if in.PodDisruptionBudget != nil { in, out := &in.PodDisruptionBudget, &out.PodDisruptionBudget - *out = new(v1alpha1.PodDisruptionBudgetSpec) + *out = new(PodDisruptionBudgetSpec) (*in).DeepCopyInto(*out) } if in.SecurityContext != nil { @@ -472,8 +643,6 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp (*out)[key] = val } } - in.TargetAllocator.DeepCopyInto(&out.TargetAllocator) - in.Config.DeepCopyInto(&out.Config) if in.VolumeMounts != nil { in, out := &in.VolumeMounts, &out.VolumeMounts *out = make([]v1.VolumeMount, len(*in)) @@ -523,7 +692,6 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.Ingress.DeepCopyInto(&out.Ingress) if in.Affinity != nil { in, out := &in.Affinity, &out.Affinity *out = new(v1.Affinity) @@ -539,10 +707,12 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp *out = new(int64) **out = **in } - if in.LivenessProbe != nil { - in, out := &in.LivenessProbe, &out.LivenessProbe - *out = new(v1alpha1.Probe) - (*in).DeepCopyInto(*out) + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.InitContainers != nil { in, out := &in.InitContainers, &out.InitContainers @@ -558,48 +728,84 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp (*in)[i].DeepCopyInto(&(*out)[i]) } } - out.Observability = in.Observability - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryCommonFields. +func (in *OpenTelemetryCommonFields) DeepCopy() *OpenTelemetryCommonFields { + if in == nil { + return nil } - if in.ConfigMaps != nil { - in, out := &in.ConfigMaps, &out.ConfigMaps - *out = make([]v1alpha1.ConfigMapsSpec, len(*in)) - copy(*out, *in) + out := new(OpenTelemetryCommonFields) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PodDisruptionBudgetSpec) DeepCopyInto(out *PodDisruptionBudgetSpec) { + *out = *in + if in.MinAvailable != nil { + in, out := &in.MinAvailable, &out.MinAvailable + *out = new(intstr.IntOrString) + **out = **in + } + if in.MaxUnavailable != nil { + in, out := &in.MaxUnavailable, &out.MaxUnavailable + *out = new(intstr.IntOrString) + **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryCollectorSpec. -func (in *OpenTelemetryCollectorSpec) DeepCopy() *OpenTelemetryCollectorSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetSpec. +func (in *PodDisruptionBudgetSpec) DeepCopy() *PodDisruptionBudgetSpec { if in == nil { return nil } - out := new(OpenTelemetryCollectorSpec) + out := new(PodDisruptionBudgetSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OpenTelemetryCollectorStatus) DeepCopyInto(out *OpenTelemetryCollectorStatus) { +func (in *Probe) DeepCopyInto(out *Probe) { *out = *in - out.Scale = in.Scale - if in.Messages != nil { - in, out := &in.Messages, &out.Messages - *out = make([]string, len(*in)) - copy(*out, *in) + if in.InitialDelaySeconds != nil { + in, out := &in.InitialDelaySeconds, &out.InitialDelaySeconds + *out = new(int32) + **out = **in + } + if in.TimeoutSeconds != nil { + in, out := &in.TimeoutSeconds, &out.TimeoutSeconds + *out = new(int32) + **out = **in + } + if in.PeriodSeconds != nil { + in, out := &in.PeriodSeconds, &out.PeriodSeconds + *out = new(int32) + **out = **in + } + if in.SuccessThreshold != nil { + in, out := &in.SuccessThreshold, &out.SuccessThreshold + *out = new(int32) + **out = **in + } + if in.FailureThreshold != nil { + in, out := &in.FailureThreshold, &out.FailureThreshold + *out = new(int32) + **out = **in + } + if in.TerminationGracePeriodSeconds != nil { + in, out := &in.TerminationGracePeriodSeconds, &out.TerminationGracePeriodSeconds + *out = new(int64) + **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryCollectorStatus. -func (in *OpenTelemetryCollectorStatus) DeepCopy() *OpenTelemetryCollectorStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Probe. +func (in *Probe) DeepCopy() *Probe { if in == nil { return nil } - out := new(OpenTelemetryCollectorStatus) + out := new(Probe) in.DeepCopyInto(out) return out } diff --git a/docs/api.md b/docs/api.md index 53f4cd4383..21e36635d2 100644 --- a/docs/api.md +++ b/docs/api.md @@ -20406,27 +20406,45 @@ SecurityContext configures the container security context for the targetallocato - fsGroup - integer + allowPrivilegeEscalation + boolean - A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - 1.
-
- Format: int64
+ AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process.
false - fsGroupChangePolicy + capabilities + object + + The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
+ + false + + privileged + boolean + + Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
+ + false + + procMount string - fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod.
+ procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths.
+ + false + + readOnlyRootFilesystem + boolean + + Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
false runAsGroup integer - The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext.
+ The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext.

Format: int64
@@ -20442,7 +20460,7 @@ SecurityContext configures the container security context for the targetallocato runAsUser integer - The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.
+ The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.

Format: int64
@@ -20451,35 +20469,55 @@ SecurityContext configures the container security context for the targetallocato seLinuxOptions object - The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext.
+ The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext.
false seccompProfile object - The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
+ The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options.
false - supplementalGroups - []integer + windowsOptions + object - A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for th
+ The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used.
false - - sysctls - []object + + + + +### OpenTelemetryCollector.spec.targetAllocator.securityContext.capabilities +[↩ Parent](#opentelemetrycollectorspectargetallocatorsecuritycontext) + + + +The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + + + + + + + + + + + + + - - + + @@ -20491,7 +20529,7 @@ SecurityContext configures the container security context for the targetallocato -The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. +The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext.
NameTypeDescriptionRequired
add[]string - Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.
+ Added capabilities
 false
windowsOptionsobjectdrop[]string - The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used.
+ Removed capabilities
 false
@@ -20539,7 +20577,7 @@ The SELinux context to be applied to all containers. If unspecified, the contain -The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options.
@@ -20569,46 +20607,12 @@ The seccomp options to use by the containers in this pod. Note that this field c
-### OpenTelemetryCollector.spec.targetAllocator.securityContext.sysctls[index] -[↩ Parent](#opentelemetrycollectorspectargetallocatorsecuritycontext) - - - -Sysctl defines a kernel parameter to be set - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
namestring - Name of a property to set
- 		true
valuestring - Value of a property to set
- 		true
- - ### OpenTelemetryCollector.spec.targetAllocator.securityContext.windowsOptions [↩ Parent](#opentelemetrycollectorspectargetallocatorsecuritycontext) -The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. +The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used.